Mark Snape

Weekly notables August 9th 2015

Awesome list of Laravel related links at

Hacking with PHP is where I found inspiration for the use of flock

BBC Bloggers publish 13 tips for making responsive web design multi-lingual

I use Google Authenticator for Gmail, Lastpass and Digital Ocean – keep an eye on this one A One Time Password Authentication package, compatible with Google Authenticator.

One of my favourite YouTubers Travis Neilson shares his favourite tools

Using a file lock to stop cron jobs updating the same record

Recently I was faced with an issue of deliberately overlapping cron jobs both trying to work on the same database record.

After some research, using flock (file lock) seemed to be a good option.

At each minute, I trigger a job to update the database with information scraped from another site (public domain information – before you ask). I let each job run for just under 3 minutes, so that at any time there are 3 jobs running. If I want to push it further I can just up the maximum time for each job.

The project is in Laravel and uses Eloquent for ORM and mysql for the database.  The problem faced was that the query to find out which record to service could take a relatively long time so that two processes could come to the same answer about which was the next record to update.

//open a lock file - can be used to pause other processes when they are also trying to query db
$lockfile = fopen(storage_path('locks/operatorUpdate.lock'),"w");

while(microtime(true)-$time_start < 178) {

    flock($lockfile, LOCK_EX);

        // establish oldest record
        $operator = \App\Operator::orderBy('checked_at','asc')->orderBy('id','asc')->first();

    flock($lockfile, LOCK_UN);

    // do what I need here to process the record just grabbed

fclose ($lockfile);

I decided to keep the lock file in a storage folder called locks. I used the storage_path() call to ensure that the path is the same irrespective of how I called the function. (cron jobs default to the root user home folder)

Bear in mind that I’m placing a blocking lock on the file just whilst I grab the oldest record and set its checked_at date. A second job coming along at the same time will hit the lock and wait for the quarter second it takes for the original query to run (I have 280,000 rows in the table).

Supporting delete cascade with SQLite and Laravel

If using SQLite, it is useful to be able to cascade a delete to related models. For instance, if a user is deleted, all their posts should also be deleted rather than being orphaned.

In the schema for the pivot table, you specify;



This works out of the box for mysql, but with sqllite it is not supported without turning it on.

I had this issue, and created a workaround, but I’m not comfortable with the solution because it required me to change the Laravel source. I’m only a newbie so could not really see an ‘app’ way of doing it.

In config/database.php

    'sqlite' => [
        'driver'   => 'sqlite',
        'database' => storage_path().'/database2.sqlite',
        'prefix'   => '',
        'exec'	   => 'PRAGMA foreign_keys = ON;',  //enable delete cascade

I added a new element ‘exec’

Then in /vendor/laravel/framework/src/Illuminate/Database/Connectors/SQLiteConnector.php, replace;

    return $this->createConnection("sqlite:{$path}", $config, $options);


    $pdo=$this->createConnection("sqlite:{$path}", $config, $options);

    //any exec statement?
    $exec = array_get($config, 'exec');
    return $pdo;

This allows the foreign_keys property to be set each time the connection is opened, and also any additional exec statements that might be needed.

Deploy Laravel 5 on shared hosting from Heart Internet

For trial sites, and quick to deploy, low traffic tools, its perfectly possible to host your site at Heart Internet using subdomains. Although these instructions are specific to Heart, they will work for other hosts, with and without subdomains.

Before you do anything – check that your host is providing PHP V5.4 or better (Laravel 5.0) or PHP 5.5.9 or better (Laravel 5.1 / 5.2)

1. Request subdomain setup

Heart run their subdomains on the same server. A folder is created in the public_html folder for the subdomain. For instance, I’m creating a service that will respond to  on the server, there will be a folder called public_html/dj3

After requesting the subdomain, wait an hour for the DNS to all be in place.

2. Upload your site

Your laravel code base should be located in a folder that is not accessible from the web.

Create a new folder in your root folder based on the name of your subdomain.  This is incase you want to install another application, you can put each backend in its own space.  Here i have used the name dj3core

dj3 directory

FTP everything except your public folder into the back-end folder that you created (dj3core in my example)

FTP the contents of your public folder into the subdomain folder (dj3 in my example)

Make sure that you copy the hidden file .htaccess also into your subdomain folder.  Do not put it in the root or the public_html folder

3. Fix the paths in the index.php file

You need different paths in the index.php file to what you have probably been testing with, so before uploading or inplace on the hosted server, edit the index.php (the one in the subdomain, eg /public_html/dj3/index.php) file as follows;

| Register The Auto Loader
| Composer provides a convenient, automatically generated class loader for
| our application. We just need to utilize it! We'll simply require it
| into the script here so that we don't have to worry about manual
| loading any of our classes later on. It feels nice to relax.

// require __DIR__.'/../bootstrap/autoload.php';
require __DIR__.'/../../dj3core/bootstrap/autoload.php';

| Turn On The Lights
| We need to illuminate PHP development, so let us turn on the lights.
| This bootstraps the framework and gets it ready for use, then it
| will load up this application so that we can run it and send
| the responses back to the browser and delight our users.

// $app = require_once __DIR__.'/../bootstrap/app.php';
$app = require_once __DIR__.'/../../dj3core/bootstrap/app.php';

I have retained the original lines, and added the modified lines below.

Compared to the distribution, the application can be found up two directories (../) and in the dj3core folder.

Thats it! Your site should now be working in the subdomain

4. Problems?

If you are still having problems, check that the storage folder is writable.

At the time of writing, I have not tested email, but I don’t expect there to be a problem.

If you are using the HTML and URL helpers make sure the url is set correctly in the config/app.php file.


Help, my host does not support CRON jobs

If you are working on a shoestring and using a shared host for your latest Laravel 5 project, you may want to setup some scheduled jobs. Laravel 5 has a great scheduler built in, but it needs a kick every minute for it to determine if it is time to run the job.

Through a third party service such as it is possible to provide this kick to the Laravel 5 Scheduler.

1. Create an account at

Accounts are free and permit you to schedule a task as frequently as once per minute

2. Create a route in your application to kick the laravel scheduler

    //trigger the scheduler
    Route::get('/hshhdyw7820037lammxh29' , function(){
        return 'OK';

Here I have used a random string for the path so that it is not accidentally ‘found’. If it would be an issue if your task is triggered twice, you might want to protect it further such as checking for the request coming’s IP address.

3. Add this route to the schedule



Other thoughts

By triggering the scheduler this way rather than just running the job directly means that you can then use the power of the Artisan scheduler.  Check out Eric Barnes intro to using the scheduler.

One thing not covered by Eric or the documentation is the ability to run a task every few minutes (5 minutes is catered for).

This example runs the ReplayServiceProvider every two minutes.

    $schedule->call('App\Providers\ReplayServiceProvider@feedData')->cron('*/2 * * * *');

Laravel 5 checkbox processing

One of the annoyances of HTML form processing is that checkboxes are not returned if they are unchecked.

This causes an issue if you just want to use Laravel’s automatic validation of forms and then want to be able to pass the validated form response to the model. Whilst it is possible to manage checkboxes in the controller it always strikes me as messy. My solution is below. There will always be detractors that claim the validator is not the place for this, my argument is that I am validating that what comes from the validator is either true or false and not true or missing.

Since the rules area of the request object is actually a method, it is possible to interact with the content of the request.

So, in my EditUserRequest class, where I have a checkbox named ‘is_admin’;

	public function rules()
		// default the value of the is_admin checkbox
		$this->merge(['is_admin' => $this->input('is_admin', 0)]);

		return [
			'name' => 'required|min:5',
			'email' => 'required|email',

I merge back into the request, the value of the input, or a default (the second option to Request->input) of 0. This sets the checkbox element to 0 if it is not present.

Then in the controller, I can use the simple;


Laravel 5 csrf tokens in ajax calls

In Laravel 5, all requests must pass through the Middleware which will not allow any POST requests without the correct CSRF token.

CSRF (Cross Site Request Forgery) prevents the site receiving requests from clients that it has not established a connection with. IE a random post request from a third party.

When using ajax to post form or changes in state, the csrf token must be supplied along with the request.

For instance, if the view being rendered contains the javascript, simply use blade tags to insert the token directly into the script:

                      type: "POST",
                      url: "/poke",
                      data: {   lat: lastlat,
                                lng: lastlng, 
                                bearing: 90,
                                '_token': '{!! csrf_token() !!}'

If the javascript is in a separate file (not processed by Blade) then the token can be set on a meta element and then queried by jQuery at runtime.

<meta name="csrf-token" content="{!! csrf_token() !!}">

Putting the above in the master page layout ensures that the csrf token is available in every page

Referring then to the meta element in each javascript ajax request;

                      type: "POST",
                      url: "/poke",
                      data: {   lat: lastlat,
                                lng: lastlng, 
                                bearing: 90,
                                '_token': $('meta[name="csrf-token"]').attr('content')

Thanks to Kelt Dockin for inspiration